CVE-2007-4427

Published: Aug 20, 2007Modified: Apr 23, 2026

3.5

Vector

AV:N/AC:M/Au:S/C:N/I:P/A:N

Exploitability: 6.8 / Impact: 2.9

Source: NVD

Description

Unspecified vulnerability in the login page redirection logic in the Cache' Server Page (CSP) implementation in InterSystems Cache' 2007.1.0.369.0 and 2007.1.1.420.0 allows remote authenticated users to modify data on a server, related to encoding of certain parameter values by this redirection logic, aka MAK2116.

Affected (2)

Products: Intersystems: Cache Database

1 product

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Intersystems Cache Database	Version 2007.1.0.369.0
Intersystems Cache Database	Version 2007.1.1.420.0

References (8)

http://groups.google.com/group/intersystems-public-cache/browse_thread/thread/57d7c80dde26fda3/7845e246da5b095b

Source: cve@mitre.org

Patch

http://osvdb.org/40178

Source: cve@mitre.org

http://secunia.com/advisories/26541

Source: cve@mitre.org

http://www.intersystems.com/support/cflash/2007announce.html

Source: cve@mitre.org

http://groups.google.com/group/intersystems-public-cache/browse_thread/thread/57d7c80dde26fda3/7845e246da5b095b

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://osvdb.org/40178

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/26541

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.intersystems.com/support/cflash/2007announce.html

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.